eFront Learning CMS version 3.6.15.6 suffers from a persistent cross site scripting vulnerability in the message attachment.
>> CATEGORY: exploit
eFront Learning CMS version 3.6.15.6 suffers from a persistent cross site scripting vulnerability in the forum functionality.
InstallShield suffers from a DLL hijacking vulnerability.
WordPress CSV Import plugin version 1.0 suffers from a cross site scripting vulnerability.
OpenAM versions 9 through 9.5.5 and 10.0.0 through 10.0.2 suffer from a cross site scripting vulnerability.
Magento versions 1.9.2.2 and below suffer from an information disclosure vulnerability in their RSS feed.
The Vulnerability Laboratory Research Team discovered an application-side input validation web vulnerability in the official GTA Web Firewall appliance – GB OS v6.2.02.
ManageEngine Firewall Analyzer version 8.5 suffers from a remote SQL injection vulnerability.
PLANET IP surveillance camera model ICA-5350V suffers from authentication bypass, cross site request forgery, cross site scripting, arbitrary file read, hardcoded credential, and local file inclusion vulnerabilities.